def test_invalid_guids_filtering_before_call(self):
"""Tests invalid guids are filtered before making API calls. As making
API calls with empty guid list is valid these calls should succeed.
"""
ts = TSApiWrapper(DISABLE_SSL)
ts.login(HOSTPORT, USERNAME, PASSWORD)
analyst_group_guid = "c241143a-0e2b-44b6-9cbc-c2b3cff8c57d"
invalid_guid_list = [None, "a", 1, "acdf1234-1-1-1-3", ""]
# Validate various calls which accept guid list.
status = ts.add_groups_to_group(invalid_guid_list,
analyst_group_guid).status
self.assertEqual(status, Constants.OPERATION_SUCCESS)
status = ts.update_users_to_group(invalid_guid_list,
analyst_group_guid).status
self.assertEqual(status, Constants.OPERATION_SUCCESS)
status = ts.update_groups_to_group(invalid_guid_list,
analyst_group_guid).status
self.assertEqual(status, Constants.OPERATION_SUCCESS)
status = ts.delete_users(invalid_guid_list).status
self.assertEqual(status, Constants.OPERATION_SUCCESS)
status = ts.delete_groups(invalid_guid_list).status
self.assertEqual(status, Constants.OPERATION_SUCCESS)
def test_create_user_weak_password(self):
"""Tests user creation with weak password"""
new_user = "******"
ts = TSApiWrapper(DISABLE_SSL)
ts.login(HOSTPORT, USERNAME, PASSWORD)
#######################################################################
# Test for LDAP_USER create/delete with weak password
# Assert user doesn't exist in TS.
flag = new_user in [user.name for user in ts.list_users().data]
self.assertFalse(flag)
# Create LDAP user with weak password
weak_password = "******"
status = ts.create_user(new_user, new_user, TSApiWrapper.LDAP_USER,
weak_password).status
self.assertEqual(status, Constants.OPERATION_FAILURE)
# Assert user doesn't exist in TS.
flag = new_user in [user.name for user in ts.list_users().data]
self.assertFalse(flag)
def test_get_batched_users(self):
"""Tests that we list a batch of users with an offset.
{
User: user0,
User: user1,...
User: user5
}
offset = 3, batch = 2 -> [user3, user4]
"""
# Login
ts = TSApiWrapper(DISABLE_SSL)
ts.login(HOSTPORT, USERNAME, PASSWORD)
users = ["batched_user" + str(i) for i in range(12)]
# Create ts user objects
for u in users:
ts.create_user(u, u)
user_ids = set(
[ts.get_userid_with_name(user_name).data for user_name in users])
# Test batched entities call with offset
offset = 3
batchsize = 2
users_list_ids = [u.id for u in ts.list_users().data]
users_batched = ts._get_batched_entities("User", offset,
batchsize).data[0]
users_batched_ids = [u.id for u in users_batched]
self.assertEqual(users_batched_ids,
users_list_ids[offset:offset + batchsize])
# Cleanup
ts.delete_users(list(user_ids))
def test_create_delete_user(self):
"""Tests creation and deletion of user by name 'newxyzuser'."""
new_user = "******"
ts = TSApiWrapper(DISABLE_SSL)
ts.login(HOSTPORT, USERNAME, PASSWORD)
#######################################################################
# Test for LOCAL_USER create/delete.
# Assert user doesnt exist in TS.
flag = new_user in [user.name for user in ts.list_users().data]
self.assertFalse(flag)
# Create LOCAL user
ts.create_user(new_user, new_user)
# Assert user exists in TS now.
flag = new_user in [user.name for user in ts.list_users().data]
self.assertTrue(flag)
# Assert by default user type is set to LOCAL_USER.
for user in ts.list_users().data:
if user.name == new_user:
self.assertEqual(TSApiWrapper.LOCAL_USER, user.type)
# Create user again and check we get USER_ALREADY_EXISTS status.
status = ts.create_user(new_user, new_user).status
self.assertEqual(status, Constants.USER_ALREADY_EXISTS)
# Get user id with name.
user_id = ts.get_userid_with_name(new_user).data
# Delete user.
ts.delete_users([user_id])
# Assert user no longer exists in TS System.
flag = new_user in [user.name for user in ts.list_users().data]
self.assertFalse(flag)
#######################################################################
# Test for LDAP_USER create/delete.
# Assert user doesnt exist in TS.
flag = new_user in [user.name for user in ts.list_users().data]
self.assertFalse(flag)
# Create LDAP user
ts.create_user(new_user, new_user, TSApiWrapper.LDAP_USER)
# Assert user exists in TS now.
flag = new_user in [user.name for user in ts.list_users().data]
self.assertTrue(flag)
# Assert user type is set to LDAP_USER.
for user in ts.list_users().data:
if user.name == new_user:
self.assertEqual(TSApiWrapper.LDAP_USER, user.type)
# Create user again and check we get USER_ALREADY_EXISTS status.
status = ts.create_user(new_user, new_user,
TSApiWrapper.LDAP_USER).status
self.assertEqual(status, Constants.USER_ALREADY_EXISTS)
# Get user id with name.
user_id = ts.get_userid_with_name(new_user).data
# Delete user.
ts.delete_users([user_id])
# Assert user no longer exists in TS System.
flag = new_user in [user.name for user in ts.list_users().data]
self.assertFalse(flag)
#######################################################################
# Test for SAML_USER create/delete.
# Assert user doesnt exist in TS.
flag = new_user in [user.name for user in ts.list_users().data]
self.assertFalse(flag)
# Create SAML user
ts.create_user(new_user, new_user, TSApiWrapper.SAML_USER)
# Assert user exists in TS now.
flag = new_user in [user.name for user in ts.list_users().data]
self.assertTrue(flag)
# Assert user type is set to SAML_USER.
for user in ts.list_users().data:
if user.name == new_user:
self.assertEqual(TSApiWrapper.SAML_USER, user.type)
# Create user again and check we get USER_ALREADY_EXISTS status.
status = ts.create_user(new_user, new_user,
TSApiWrapper.SAML_USER).status
self.assertEqual(status, Constants.USER_ALREADY_EXISTS)
# Get user id with name.
user_id = ts.get_userid_with_name(new_user).data
# Delete user.
ts.delete_users([user_id])
# Assert user no longer exists in TS System.
flag = new_user in [user.name for user in ts.list_users().data]
self.assertFalse(flag)
def test_list_users(self):
"""Tests that we list all users, regardless
of batchsize requested.
Note, this test takes some time due to the large number of
users created to test the default batchsize.
{
User: user1,
User: user2,...
User: userN
}
Tests that list_users(batchsize=-1)
== list_users(batchsize=[0, N])
== list_users()
"""
# Login
ts = TSApiWrapper(DISABLE_SSL)
ts.login(HOSTPORT, USERNAME, PASSWORD)
users = ["user" + str(i) for i in range(250)]
# Create ts user objects
for u in users:
res = ts.create_user(u, u)
sleep_time, create_count = 0.5, 0
while res.status != Constants.OPERATION_SUCCESS:
# Check if we have tried creating too many times
if create_count > 3:
break
# Sleep for @sleep_time seconds, so we do not choke ts instance
time.sleep(sleep_time)
res = ts.create_user(u, u)
sleep_time *= 2
create_count += 1
user_ids = set([
ts.get_userid_with_name(user_name).data for user_name in users
]) # - set([None])
# Check that all users were successfully created
self.assertEqual(len(users), len(user_ids))
# List all ts user objects (including default users Ex. 'system')
for batchsize in [-1, 0, 100, 150, None]:
users_batched = ts.list_users() if batchsize is None \
else ts.list_users(batchsize)
users_batched = users_batched.data
# Test if all returned users are unique
self.assertTrue(len(users_batched) == len(set(users_batched)))
# Get all user_ids from the returned list
users_batched_ids = [user_obj.id for user_obj in users_batched]
# Test if all relevant users are returned
self.assertTrue(all([uid in users_batched_ids
for uid in user_ids]))
# Cleanup
ts.delete_users(list(user_ids))
def test_login(self):
"""Tests login into a TS System."""
ts = TSApiWrapper(DISABLE_SSL)
self.assertFalse(ts._is_authenticated())
ts.login(HOSTPORT, USERNAME, PASSWORD)
self.assertTrue(ts._is_authenticated())
def test_empty_group_relationship(self):
"""Tests creation of following structure.
Group: parent_group {
Group: member_group {}
User: member_user
}
Updates parent_group to {}
Checks for parent_group members to be empty.
"""
parent_group = "parent_group"
member_group = "member_group"
member_user = "******"
ts = TSApiWrapper(DISABLE_SSL)
ts.login(HOSTPORT, USERNAME, PASSWORD)
# Create Parent Group
ts.create_group(parent_group, parent_group)
# Create members
ts.create_group(member_group, member_group)
ts.create_user(member_user, member_user)
# Update parent group with members.
parent_gid = ts.get_groupid_with_name(parent_group).data
member_gid = ts.get_groupid_with_name(member_group).data
member_uid = ts.get_userid_with_name(member_user).data
ts.update_groups_to_group([member_gid], parent_gid)
ts.update_users_to_group([member_uid], parent_gid)
# Test for membership.
groups = ts.list_groups_in_group(parent_gid).data
self.assertEqual(groups[0].id, member_gid)
users = ts.list_users_in_group(parent_gid).data
self.assertEqual(users[0].id, member_uid)
# Update parent group with no members.
ts.update_users_to_group([], parent_gid)
ts.update_groups_to_group([], parent_gid)
# Test for membership.
groups = ts.list_groups_in_group(parent_gid).data
self.assertEqual(groups, [])
users = ts.list_users_in_group(parent_gid).data
self.assertEqual(users, [])
# Cleanup
ts.delete_groups([member_gid, parent_gid])
ts.delete_users([member_uid])
def test_add_groups_to_group(self):
"""Tests creation of following structure.
Group: parent_group {
Group: member_group1,
Group: member_group2
}
"""
parent_group = "parent_group"
member_group1 = "member_group1"
member_group2 = "member_group2"
ts = TSApiWrapper(DISABLE_SSL)
ts.login(HOSTPORT, USERNAME, PASSWORD)
# Create Parent Group
ts.create_group(parent_group, parent_group)
# Create members
ts.create_group(member_group1, member_group1)
ts.create_group(member_group2, member_group2)
# Add member 1 to parent
parent_gid = ts.get_groupid_with_name(parent_group).data
member_gid1 = ts.get_groupid_with_name(member_group1).data
member_gid2 = ts.get_groupid_with_name(member_group2).data
# Update parent group with members.
self.assertEqual(len(ts.list_groups_in_group(parent_gid).data), 0)
ts.add_groups_to_group([member_gid1], parent_gid)
self.assertEqual(len(ts.list_groups_in_group(parent_gid).data), 1)
ts.add_groups_to_group([member_gid2], parent_gid)
self.assertEqual(len(ts.list_groups_in_group(parent_gid).data), 2)
# Cleanup
ts.delete_groups([member_gid1, member_gid2, parent_gid])
def test_create_delete_group(self):
"""Tests creation and deletion of user by name 'newxyzgroup'."""
new_group = "newxyzgroup"
ts = TSApiWrapper(DISABLE_SSL)
ts.login(HOSTPORT, USERNAME, PASSWORD)
#######################################################################
# Test for LOCAL_GROUP create/delete.
# Assert group doesn't exist in TS.
flag = new_group in [group.name for group in ts.list_groups().data]
self.assertFalse(flag)
# Create group.
ts.create_group(new_group, new_group)
# Assert group exists in TS now.
flag = new_group in [group.name for group in ts.list_groups().data]
self.assertTrue(flag)
# Assert by default group type is set to LOCL_GROUP
for group in ts.list_groups().data:
if group.name == new_group:
self.assertEqual(TSApiWrapper.LOCAL_GROUP, group.type)
# Create group again and check we get GROUP_ALREADY_EXISTS status.
status = ts.create_group(new_group, new_group).status
self.assertEqual(status, Constants.GROUP_ALREADY_EXISTS)
# Get group id with name.
group_id = ts.get_groupid_with_name(new_group).data
# Delete group.
ts.delete_groups([group_id])
# Assert group no longer existe in TS System.
flag = new_group in [group.name for group in ts.list_groups().data]
self.assertFalse(flag)
#######################################################################
# Test for LDAP_GROUP create/delete.
# Assert group doesn't exist in TS.
flag = new_group in [group.name for group in ts.list_groups().data]
self.assertFalse(flag)
# Create group.
ts.create_group(new_group, new_group, TSApiWrapper.LDAP_GROUP)
# Assert group exists in TS now.
flag = new_group in [group.name for group in ts.list_groups().data]
self.assertTrue(flag)
# Assert group type is set to LDAP_GROUP
for group in ts.list_groups().data:
if group.name == new_group:
self.assertEqual(TSApiWrapper.LDAP_GROUP, group.type)
# Create group again and check we get GROUP_ALREADY_EXISTS status.
status = ts.create_group(new_group, new_group,
TSApiWrapper.LDAP_GROUP).status
self.assertEqual(status, Constants.GROUP_ALREADY_EXISTS)
# Get group id with name.
group_id = ts.get_groupid_with_name(new_group).data
# Delete group.
ts.delete_groups([group_id])
# Assert group no longer existe in TS System.
flag = new_group in [group.name for group in ts.list_groups().data]
self.assertFalse(flag)